War in Cyberspace

PITCOM Journal

DK Matai, Chairman & CEO of mi2g, outlined some of the major elements of Cyber-warfare in a talk on 22 October to the Real Time Club. The following are some extracts from his speech.

Monday, 3rd December 2001 Cyberspace encompasses digital systems, communication channels and media including television, radio, eMail, telephone and connected computer and mobile devices. Cyberspace has unified people regardless of where they are. In Cyberspace people sharing a common faith can meet, exchange ideas and plan ways regardless of whether they are, for example, in Jakarta, Islamabad, Teheran, Baghdad, Beirut, Cairo or Casablanca.

Cyberwarfare’s first pivot is as a community fragmenter / propaganda machine In the battle for hearts and minds, the Al-Jazeera satellite channel is able to reach Muslims anywhere in the world that have access to satellite broadcast.

Cyberwarfare’s second pivot is attack and counter-attack on digital systems. The damage that an asymmetric electronic attack can do to our industrialised society is greater than what could be inflicted on a developing or under-developed country.

Recent attacks

Hackers in many Islamic countries including Pakistan declared a cyber jihad on the US and Britain last week, only days after the FBI issued a warning predicting as much. Also last week, Pakistani hacker group G-Force defaced the site of the National Oceanic and Atmospheric Administration (NOAA) Center, part of the US Department of Commerce, leaving a message promising more of the same type of attacks.

The day before yesterday, G-Force Pakistan defaced a site operated by the US Department of Defense (DoD) with a message about terrorism and Islam, The message on the DoD site – Defense Test & Evaluation Processional Institute (DTEPI) – posted by G-Force "We will not rest till every node, every line, every bit of information contained in our suppressors has been wiped out, returning them to the dark ages."

Defence expertise

The focus of UK and US defence has been on the physical dimensions – land, sea, air and outer space – and not on cyberspace.

Cyber warfare poses threats directly to lower level infrastructure in all government departments and commercial institutions. The expertise needed against such threats requires expertise that is relatively fast moving and cannot be ‘trained’ into people over a short period of time.

(Fragmented intelligence)

The single biggest failing of Western Intelligence Agencies in not having picked up the 11th September attacks is their fragmented electronic intelligence gathering systems, which have no capability to unify knowledge management and analysis.

It is an Herculean task to collect, sift, analyse and act on this intelligence data if the key pieces of knowledge are not to be missed. This cannot be done manually and we need really smart technology solutions to help us.

If the threat and targets are international, the Allied countries’ knowledge management and analysis systems handling intelligence data need to be able to talk to each other. This has not been true for Agencies even within the same country, especially the US, who up until now jealously guard information that they collect themselves.

Protection and civil liberties – loss of privacy

In order to reassure its citizens, the government needs to act and be seen to reassure its people and be seen to deploy a series of counter measures. Individual freedom and protection through security always carries a trade off.

When it comes to the issue of mass identification, we have to begin with something that people carry such as a Passport, Driving License or business ID card and something that they know such as a password or specific knowledge. This needs to be coupled with something that they are – such as their fingerprint - to tighten security.

Biometric security

A lot has been said about Smart ID Cards and Biometric security since 11th September. The truth is that biometric security – fingerprint recognition, facial recognition, voice recognition - is not 100% accurate. It can only be used as an adjunct and not the mainstay.

The whole issue of authentication, confidentiality, data integrity and non-repudiation of bona fide presence, communications and transactions is a critical issue and has to be solved through a multi-pronged approach.

Human intelligence

The next question to consider is how does one deploy people with the Knowledge Management and Analysis Tools to outsmart the malevolent people who are one step ahead and constantly figure out ways to outsmart the system?

The reality is that 70% of all complex attacks take place through insider knowledge. and assistance and not political activists who go it alone. More attention needs to be given to the value of human intelligence, where the information is collected in situ at the grass roots level. When guaranteeing the security of large digital systems the only way forward is to combine knowledge management and analysis tools with human intelligence via managed security services.

The full text of DK Matai’s speech is available at: intelligence.unit@mi2g.com

Renowned worldwide for the ATCA Briefings. Subscribe now.
Home - Profile - Values - People - Careers - Partners - Contact Us
D2 Banking - Bespoke Security Architecture - Digital Risk Management - Tools

Intelligence Briefings - Brochures - Case Studies -
SIPS Methodology FAQ (pdf)
Keynote Speeches - Articles - News Feeds - Glossary (pdf)
Terms and Conditions - Privacy Policy